s3-bucket-public-read-prohibited

Checks that your Amazon S3 buckets do not allow public read access. The rule checks
the Block Public Access settings, the bucket policy, and the bucket access control
list (ACL).

The rule is compliant when both of the following are true:

The Block Public Access setting restricts public policies or the bucket policy does
not allow public read access.

The Block Public Access setting restricts public ACLs or the bucket ACL does not allow
public read access.

The rule is noncompliant when:

If the Block Public Access setting does not restrict public policies, AWS Config evaluates
whether the policy allows public read access. If the policy allows public read access,
the rule is noncompliant.

If the Block Public Access setting does not restrict public bucket ACLs, AWS Config
evaluates whether the bucket ACL allows public read access. If the bucket ACL allows
public read access, the rule is noncompliant.